On Sat, Dec 28, 2013 at 3:18 PM, Doug Goldstein <cardoe(a)gentoo.org> wrote:
On Tue, Dec 24, 2013 at 12:02 AM, Eric Blake <eblake(a)redhat.com> wrote:
> On 12/20/2013 11:36 AM, Jim Fehlig wrote:
>> Dario Faggioli wrote:
>>> by, in libxlDomainGetNumaParameters(), calling libxl_bitmap_init() as soon as
>>> possible, which avoids getting to 'cleanup:', where libxl_bitmap_dispose()
>>> happens, without having initialized the nodemap, and hence crashing after some
>>> invalid free()-s:
>>>
>>
>> Yikes! ACK to the fix. I've pushed it.
>
> This has been assigned CVE-6457; we'll get it tagged in libvirt.git and
> make sure it is backported to relevant branches once I've got more time
> (may be in 2014).
>
I'll help you out and get started on this. Family is in town around
the holidays so no promises I'll get them all done if it's not too
trivial.
--
Doug Goldstein
The fix has been backported to:
v1.1.1-maint
v1.1.2-maint
v1.1.3-maint
v1.1.4-maint
v1.2.0-maint
This should cover all affected versions per Jim's analysis.
Let me know if anything further needs to be done.
--
Doug Goldstein